Good day
I had this malware in both of my both of my browers chrome (default) and IE. I some how managed to remove it from chrome using their removal tool but can't seem to remove it from IE eve though I have changed my home page settings to google the IE opens with
hxxp://isearch.omiga-plus.com/?type=sc&ts=1417838410&from=air&uid=WDCXWD6400BEVT-22A0RT0_WD-WXA1A208562685626
I had a windows 7 boot disic but can't find it so I have to say no to boot disc
attached required below many thks
Brobilly52
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.17183 BrowserJavaVersion: 10.72.2
Run by brenda at 13:42:06 on 2014-12-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.4031.1878 [GMT 10:00]
.
AV: AVG AntiVirus 2015 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus 2015 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
C:\ProgramData\GameXN\GameXNGO.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Windows\WebCam\S6000\S6000Mnt.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil64_16_0_0_235_ActiveX.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com.au/
mWinlogon: Userinit = c:\windows\syswow64\userinit.exe,
BHO: Winamp Toolbar Loader: {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Winamp Toolbar: {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Winamp Toolbar: {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [GameXN GO] "C:\ProgramData\GameXN\GameXNGO.exe" /startup
uRun: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
mRun: [S6000Mnt] C:\Windows\SysWOW64\Rundll32.exe S6000Rmv.dll,WinMainRmv /StartStillMnt
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AVERHI~1.LNK - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AVERQU~1.LNK - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: agentware.net
Trusted Zone: sabre.com
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2D36AF92-04D3-11D8-B719-0000865F231B} - hxxps://my.sabre.com/jars/TMinReqX.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab
TCP: NameServer = 10.1.1.1
TCP: Interfaces\{0DCB2FD1-157D-4568-A6B6-A1B65FC02EF3} : DHCPNameServer = 10.1.1.1
TCP: Interfaces\{0DCB2FD1-157D-4568-A6B6-A1B65FC02EF3}\14E64627F696461405 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{0DCB2FD1-157D-4568-A6B6-A1B65FC02EF3}\24967605F6E64603434443 : DHCPNameServer = 61.9.211.1 61.9.211.33
TCP: Interfaces\{0DCB2FD1-157D-4568-A6B6-A1B65FC02EF3}\77262756E6E65627 : DHCPNameServer = 10.1.1.1
TCP: Interfaces\{0DCB2FD1-157D-4568-A6B6-A1B65FC02EF3}\E45445745414250313 : DHCPNameServer = 10.1.1.1
TCP: Interfaces\{0DCB2FD1-157D-4568-A6B6-A1B65FC02EF3}\F40545553544E4032453144454 : DHCPNameServer = 10.1.1.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
x64-Run: [ODDPwr] "C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe"
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: avldr - avldr64.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2014-6-18 190744]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-7-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-10-5 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-6-18 31512]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-6-18 153368]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2014-10-29 263960]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-8-28 243480]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-10-10 274200]
R1 GUBootStartup;GUBootStartup;C:\Windows\System32\drivers\GUBootStartup.sys [2014-5-15 20160]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2014-12-11 26528]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-3 22576]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-3 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-3 60464]
R2 AVerRemote;AVerRemote;C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2010-11-15 344064]
R2 AVerScheduleService;AVerScheduleService;C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2010-11-15 405504]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-11-9 3488784]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-9 298080]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-10-22 2443960]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-3-15 325200]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-4-29 865824]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-3-12 13336]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-6 144640]
R2 ODDPwrSvc;Acer ODD Power Service;C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2011-8-10 171040]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-3 13784]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-4-29 2314240]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-3-12 240160]
R2 WindowsMangerProtect;WindowsMangerProtect Service;C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service --> C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-4-29 56344]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2014-12-11 128200]
R3 S6000KNT;S6000KNT_WebCam Driver;C:\Windows\System32\drivers\S6000KNT.sys [2014-12-11 190232]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2014-12-11 33008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-3-9 250368]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-5-27 40448]
S3 AVerAF35;AVerMedia A825 USB Dual DVB-T;C:\Windows\System32\drivers\AVerAF35.sys [2010-11-15 524544]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2010-3-12 53800]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-4-29 35104]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-14 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-3-12 6952960]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-6 50432]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-1 59392]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-3 126352]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-21 1255736]
S4 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-2-2 305520]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-12-13 03:32:03 -------- d-----w- C:\Windows\System32\backup
2014-12-11 02:11:54 -------- d-----w- C:\Program Files (x86)\SmartPCFixer
2014-12-11 01:52:41 26528 ----a-w- C:\Windows\SysWow64\drivers\HWiNFO64A.SYS
2014-12-11 01:25:59 511496 ----a-w- C:\Windows\System32\XAudio2_1.dll
2014-12-11 01:23:01 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2014-12-11 01:21:21 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-12-11 01:19:45 128200 ----a-w- C:\Windows\System32\drivers\L1C62x64.sys
2014-12-11 01:17:54 662784 ----a-w- C:\Windows\System32\MaxxVolumeSDAPO.dll
2014-12-11 01:17:49 2041432 ----a-w- C:\Windows\System32\MaxxAudioEQ64.dll
2014-12-11 01:17:49 14863448 ----a-w- C:\Windows\System32\MaxxAudioRealtek64.dll
2014-12-11 01:17:48 1063512 ----a-w- C:\Windows\System32\MaxxAudioAPOShell64.dll
2014-12-11 01:17:47 663296 ----a-w- C:\Windows\System32\MaxxAudioAPO30.dll
2014-12-11 01:17:47 318808 ----a-w- C:\Windows\System32\MaxxAudioAPO20.dll
2014-12-11 01:17:46 2770976 ----a-w- C:\Windows\System32\FMAPO64.dll
2014-12-11 01:17:45 113576 ----a-w- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
2014-12-11 01:17:44 209096 ----a-w- C:\Windows\System32\AERTAC64.dll
2014-12-11 01:17:44 108640 ----a-w- C:\Windows\System32\AERTAR64.dll
2014-12-11 01:14:58 2814656 ----a-w- C:\Windows\SysWow64\nvapi.dll
2014-12-11 01:14:58 22994208 ----a-w- C:\Windows\System32\nvcompiler.dll
2014-12-11 01:14:58 15294296 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
2014-12-11 01:14:21 -------- d-----w- C:\Windows\WebCam
2014-12-11 01:14:10 76312 ----a-w- C:\Windows\System32\S6000DIF.dll
2014-12-11 01:14:10 59928 ----a-w- C:\Windows\system\S6000Rmv.dll
2014-12-11 01:14:10 428568 ----a-w- C:\Windows\system\S6000Dex.dll
2014-12-11 01:14:10 190232 ----a-w- C:\Windows\System32\drivers\S6000KNT.sys
2014-12-11 01:14:10 17432 ----a-w- C:\Windows\system\S6000Remov.exe
2014-12-11 01:14:10 141848 ----a-w- C:\Windows\system\S6000Vex.dll
2014-12-11 01:13:46 33008 ----a-w- C:\Windows\System32\drivers\Smb_driver_Intel.sys
2014-12-11 00:58:37 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
2014-12-11 00:58:37 1515296 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2014-12-11 00:58:36 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2014-12-11 00:40:20 -------- d-----w- C:\ProgramData\ProductData
2014-12-11 00:40:12 -------- d-----w- C:\ProgramData\IObit
2014-12-11 00:40:11 -------- d-----w- C:\Users\brenda\AppData\Roaming\IObit
2014-12-11 00:40:04 -------- d-----w- C:\Program Files (x86)\IObit
2014-12-10 12:35:21 -------- d-----w- C:\Windows\System32\appraiser
2014-12-10 05:08:04 55808 ----a-w- C:\Windows\System32\rrinstaller.exe
2014-12-10 05:08:04 50176 ----a-w- C:\Windows\SysWow64\rrinstaller.exe
2014-12-10 05:08:04 24576 ----a-w- C:\Windows\System32\mfpmp.exe
2014-12-10 05:08:04 23040 ----a-w- C:\Windows\SysWow64\mfpmp.exe
2014-12-10 05:08:04 2048 ----a-w- C:\Windows\SysWow64\mferror.dll
2014-12-10 05:08:04 2048 ----a-w- C:\Windows\System32\mferror.dll
2014-12-10 05:08:04 103424 ----a-w- C:\Windows\SysWow64\mfps.dll
2014-12-10 05:08:03 4121600 ----a-w- C:\Windows\System32\mf.dll
2014-12-10 05:08:03 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2014-12-10 05:08:03 206848 ----a-w- C:\Windows\System32\mfps.dll
2014-12-10 01:33:03 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2014-12-10 01:31:33 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
2014-12-10 01:31:32 830976 ----a-w- C:\Windows\System32\appraiser.dll
2014-12-10 01:31:32 741376 ----a-w- C:\Windows\System32\invagent.dll
2014-12-10 01:31:32 192000 ----a-w- C:\Windows\System32\aepic.dll
2014-12-10 01:31:32 1083392 ----a-w- C:\Windows\System32\aeinv.dll
2014-12-10 01:31:30 413184 ----a-w- C:\Windows\System32\generaltel.dll
2014-12-10 01:31:30 396800 ----a-w- C:\Windows\System32\devinv.dll
2014-12-10 01:31:29 227328 ----a-w- C:\Windows\System32\aepdu.dll
2014-12-10 01:31:14 187904 ----a-w- C:\Windows\System32\cryptsvc.dll
2014-12-10 01:31:14 1480192 ----a-w- C:\Windows\System32\crypt32.dll
2014-12-10 01:31:13 143872 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2014-12-10 01:31:13 1174528 ----a-w- C:\Windows\SysWow64\crypt32.dll
2014-12-07 00:11:37 -------- d-----w- C:\Windows\Panther
2014-12-06 09:21:34 -------- d-----w- C:\Users\brenda\AppData\Roaming\AVG2015
2014-12-06 09:21:03 -------- d-----w- C:\Users\brenda\AppData\Roaming\TuneUp Software
2014-12-06 09:20:23 -------- d--h--w- C:\$AVG
2014-12-06 09:20:23 -------- d-----w- C:\ProgramData\AVG2015
2014-12-06 09:16:18 -------- d-----w- C:\Users\brenda\AppData\Local\MFAData
2014-12-06 09:16:18 -------- d-----w- C:\Users\brenda\AppData\Local\Avg2015
2014-12-06 09:16:18 -------- d-----w- C:\ProgramData\MFAData
2014-12-06 04:00:40 -------- d-----w- C:\ProgramData\IePluginServices
2014-12-06 04:00:33 -------- d-----w- C:\Program Files (x86)\SupTab
2014-12-06 04:00:24 -------- d-----w- C:\ProgramData\WindowsMangerProtect
2014-12-06 04:00:13 -------- d-----w- C:\Users\brenda\AppData\Roaming\omiga-plus
2014-12-05 23:47:03 -------- d-----w- C:\Users\brenda\AppData\Roaming\AVG
2014-12-05 23:46:44 -------- d-----w- C:\Program Files (x86)\AVG
2014-12-05 23:45:43 -------- d-----w- C:\Users\brenda\AppData\Local\Avg
2014-12-05 23:45:03 -------- d--h--w- C:\ProgramData\Common Files
2014-12-05 23:45:00 -------- d-----w- C:\ProgramData\AVG
2014-12-01 06:44:46 -------- d-----w- C:\ProgramData\Oracle
2014-11-24 12:40:33 -------- d-----w- C:\Users\brenda\AppData\Local\{8070DABD-109F-4DA4-8930-AB261AD7AE1E}
2014-11-20 22:08:17 -------- d-----w- C:\Users\brenda\AppData\Local\{EAF473D3-C904-4D03-BD57-FCDDCC73EB2F}
2014-11-18 21:16:36 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-18 21:16:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-18 21:16:36 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-18 21:16:36 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-14 09:56:56 -------- d-sh--w- C:\Users\brenda\AppData\Local\EmieBrowserModeList
.
==================== Find3M ====================
.
2014-12-11 02:17:58 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-11 02:17:58 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-11 01:15:06 18626304 ----a-w- C:\Windows\System32\nvwgf2umx.dll
2014-12-11 01:14:58 3196816 ----a-w- C:\Windows\System32\nvapi64.dll
2014-11-21 08:38:00 2237952 ----a-w- C:\Windows\System32\wininet.dll
2014-11-21 08:37:51 600576 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-21 08:36:24 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-21 08:36:17 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-21 08:36:17 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-11-21 08:35:42 1509376 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-21 07:17:51 1762816 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-21 07:17:44 523264 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-21 07:16:46 2861568 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-21 07:16:42 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-21 07:16:42 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-11-21 07:16:16 1441280 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-21 07:00:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-21 06:54:49 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-21 06:31:56 441856 ----a-w- C:\Windows\System32\html.iec
2014-11-21 06:24:52 361984 ----a-w- C:\Windows\SysWow64\html.iec
2014-11-21 06:05:06 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-11-21 05:59:00 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-10-30 11:25:26 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-10-30 02:03:43 165888 ----a-w- C:\Windows\System32\charmap.exe
2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2014-10-29 11:35:16 263960 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-18 03:07:11 20160 ----a-w- C:\Windows\System32\drivers\GUBootStartup.sys
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 04:14:32 274200 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-05 10:41:40 124184 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2014-10-03 02:12:23 310272 ----a-w- C:\Windows\System32\WsmWmiPl.dll
2014-10-03 02:12:23 2020352 ----a-w- C:\Windows\System32\WsmSvc.dll
2014-10-03 02:12:22 346624 ----a-w- C:\Windows\System32\WSManMigrationPlugin.dll
2014-10-03 02:12:22 181248 ----a-w- C:\Windows\System32\WsmAuto.dll
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 02:11:49 266240 ----a-w- C:\Windows\System32\WSManHTTPConfig.exe
2014-10-03 01:45:03 248832 ----a-w- C:\Windows\SysWow64\WSManMigrationPlugin.dll
2014-10-03 01:45:03 214016 ----a-w- C:\Windows\SysWow64\WsmWmiPl.dll
2014-10-03 01:45:03 145920 ----a-w- C:\Windows\SysWow64\WsmAuto.dll
2014-10-03 01:45:03 1177088 ----a-w- C:\Windows\SysWow64\WsmSvc.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-03 01:44:25 198656 ----a-w- C:\Windows\SysWow64\WSManHTTPConfig.exe
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-19 09:42:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-09-19 09:42:51 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-09-19 09:42:49 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-09-19 09:42:47 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-09-19 09:42:47 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-09-19 09:42:41 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-09-19 09:23:55 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-09-19 09:23:36 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
.
============= FINISH: 13:43:31.23 ===============
I had this malware in both of my both of my browers chrome (default) and IE. I some how managed to remove it from chrome using their removal tool but can't seem to remove it from IE eve though I have changed my home page settings to google the IE opens with
hxxp://isearch.omiga-plus.com/?type=sc&ts=1417838410&from=air&uid=WDCXWD6400BEVT-22A0RT0_WD-WXA1A208562685626
I had a windows 7 boot disic but can't find it so I have to say no to boot disc
attached required below many thks
Brobilly52
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.17183 BrowserJavaVersion: 10.72.2
Run by brenda at 13:42:06 on 2014-12-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.4031.1878 [GMT 10:00]
.
AV: AVG AntiVirus 2015 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus 2015 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
C:\ProgramData\GameXN\GameXNGO.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Windows\WebCam\S6000\S6000Mnt.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil64_16_0_0_235_ActiveX.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com.au/
mWinlogon: Userinit = c:\windows\syswow64\userinit.exe,
BHO: Winamp Toolbar Loader: {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Winamp Toolbar: {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Winamp Toolbar: {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [GameXN GO] "C:\ProgramData\GameXN\GameXNGO.exe" /startup
uRun: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
mRun: [S6000Mnt] C:\Windows\SysWOW64\Rundll32.exe S6000Rmv.dll,WinMainRmv /StartStillMnt
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AVERHI~1.LNK - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AVERQU~1.LNK - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: agentware.net
Trusted Zone: sabre.com
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2D36AF92-04D3-11D8-B719-0000865F231B} - hxxps://my.sabre.com/jars/TMinReqX.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab
TCP: NameServer = 10.1.1.1
TCP: Interfaces\{0DCB2FD1-157D-4568-A6B6-A1B65FC02EF3} : DHCPNameServer = 10.1.1.1
TCP: Interfaces\{0DCB2FD1-157D-4568-A6B6-A1B65FC02EF3}\14E64627F696461405 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{0DCB2FD1-157D-4568-A6B6-A1B65FC02EF3}\24967605F6E64603434443 : DHCPNameServer = 61.9.211.1 61.9.211.33
TCP: Interfaces\{0DCB2FD1-157D-4568-A6B6-A1B65FC02EF3}\77262756E6E65627 : DHCPNameServer = 10.1.1.1
TCP: Interfaces\{0DCB2FD1-157D-4568-A6B6-A1B65FC02EF3}\E45445745414250313 : DHCPNameServer = 10.1.1.1
TCP: Interfaces\{0DCB2FD1-157D-4568-A6B6-A1B65FC02EF3}\F40545553544E4032453144454 : DHCPNameServer = 10.1.1.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
x64-Run: [ODDPwr] "C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe"
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: avldr - avldr64.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2014-6-18 190744]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-7-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-10-5 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-6-18 31512]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-6-18 153368]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2014-10-29 263960]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-8-28 243480]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-10-10 274200]
R1 GUBootStartup;GUBootStartup;C:\Windows\System32\drivers\GUBootStartup.sys [2014-5-15 20160]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2014-12-11 26528]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-3 22576]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-3 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-3 60464]
R2 AVerRemote;AVerRemote;C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2010-11-15 344064]
R2 AVerScheduleService;AVerScheduleService;C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2010-11-15 405504]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-11-9 3488784]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-9 298080]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-10-22 2443960]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-3-15 325200]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-4-29 865824]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-3-12 13336]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-6 144640]
R2 ODDPwrSvc;Acer ODD Power Service;C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2011-8-10 171040]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-3 13784]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-4-29 2314240]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-3-12 240160]
R2 WindowsMangerProtect;WindowsMangerProtect Service;C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service --> C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-4-29 56344]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2014-12-11 128200]
R3 S6000KNT;S6000KNT_WebCam Driver;C:\Windows\System32\drivers\S6000KNT.sys [2014-12-11 190232]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2014-12-11 33008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-3-9 250368]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-5-27 40448]
S3 AVerAF35;AVerMedia A825 USB Dual DVB-T;C:\Windows\System32\drivers\AVerAF35.sys [2010-11-15 524544]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2010-3-12 53800]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-4-29 35104]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-14 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-3-12 6952960]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-6 50432]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-1 59392]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-3 126352]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-21 1255736]
S4 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-2-2 305520]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-12-13 03:32:03 -------- d-----w- C:\Windows\System32\backup
2014-12-11 02:11:54 -------- d-----w- C:\Program Files (x86)\SmartPCFixer
2014-12-11 01:52:41 26528 ----a-w- C:\Windows\SysWow64\drivers\HWiNFO64A.SYS
2014-12-11 01:25:59 511496 ----a-w- C:\Windows\System32\XAudio2_1.dll
2014-12-11 01:23:01 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2014-12-11 01:21:21 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-12-11 01:19:45 128200 ----a-w- C:\Windows\System32\drivers\L1C62x64.sys
2014-12-11 01:17:54 662784 ----a-w- C:\Windows\System32\MaxxVolumeSDAPO.dll
2014-12-11 01:17:49 2041432 ----a-w- C:\Windows\System32\MaxxAudioEQ64.dll
2014-12-11 01:17:49 14863448 ----a-w- C:\Windows\System32\MaxxAudioRealtek64.dll
2014-12-11 01:17:48 1063512 ----a-w- C:\Windows\System32\MaxxAudioAPOShell64.dll
2014-12-11 01:17:47 663296 ----a-w- C:\Windows\System32\MaxxAudioAPO30.dll
2014-12-11 01:17:47 318808 ----a-w- C:\Windows\System32\MaxxAudioAPO20.dll
2014-12-11 01:17:46 2770976 ----a-w- C:\Windows\System32\FMAPO64.dll
2014-12-11 01:17:45 113576 ----a-w- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
2014-12-11 01:17:44 209096 ----a-w- C:\Windows\System32\AERTAC64.dll
2014-12-11 01:17:44 108640 ----a-w- C:\Windows\System32\AERTAR64.dll
2014-12-11 01:14:58 2814656 ----a-w- C:\Windows\SysWow64\nvapi.dll
2014-12-11 01:14:58 22994208 ----a-w- C:\Windows\System32\nvcompiler.dll
2014-12-11 01:14:58 15294296 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
2014-12-11 01:14:21 -------- d-----w- C:\Windows\WebCam
2014-12-11 01:14:10 76312 ----a-w- C:\Windows\System32\S6000DIF.dll
2014-12-11 01:14:10 59928 ----a-w- C:\Windows\system\S6000Rmv.dll
2014-12-11 01:14:10 428568 ----a-w- C:\Windows\system\S6000Dex.dll
2014-12-11 01:14:10 190232 ----a-w- C:\Windows\System32\drivers\S6000KNT.sys
2014-12-11 01:14:10 17432 ----a-w- C:\Windows\system\S6000Remov.exe
2014-12-11 01:14:10 141848 ----a-w- C:\Windows\system\S6000Vex.dll
2014-12-11 01:13:46 33008 ----a-w- C:\Windows\System32\drivers\Smb_driver_Intel.sys
2014-12-11 00:58:37 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
2014-12-11 00:58:37 1515296 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2014-12-11 00:58:36 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2014-12-11 00:40:20 -------- d-----w- C:\ProgramData\ProductData
2014-12-11 00:40:12 -------- d-----w- C:\ProgramData\IObit
2014-12-11 00:40:11 -------- d-----w- C:\Users\brenda\AppData\Roaming\IObit
2014-12-11 00:40:04 -------- d-----w- C:\Program Files (x86)\IObit
2014-12-10 12:35:21 -------- d-----w- C:\Windows\System32\appraiser
2014-12-10 05:08:04 55808 ----a-w- C:\Windows\System32\rrinstaller.exe
2014-12-10 05:08:04 50176 ----a-w- C:\Windows\SysWow64\rrinstaller.exe
2014-12-10 05:08:04 24576 ----a-w- C:\Windows\System32\mfpmp.exe
2014-12-10 05:08:04 23040 ----a-w- C:\Windows\SysWow64\mfpmp.exe
2014-12-10 05:08:04 2048 ----a-w- C:\Windows\SysWow64\mferror.dll
2014-12-10 05:08:04 2048 ----a-w- C:\Windows\System32\mferror.dll
2014-12-10 05:08:04 103424 ----a-w- C:\Windows\SysWow64\mfps.dll
2014-12-10 05:08:03 4121600 ----a-w- C:\Windows\System32\mf.dll
2014-12-10 05:08:03 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2014-12-10 05:08:03 206848 ----a-w- C:\Windows\System32\mfps.dll
2014-12-10 01:33:03 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2014-12-10 01:31:33 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
2014-12-10 01:31:32 830976 ----a-w- C:\Windows\System32\appraiser.dll
2014-12-10 01:31:32 741376 ----a-w- C:\Windows\System32\invagent.dll
2014-12-10 01:31:32 192000 ----a-w- C:\Windows\System32\aepic.dll
2014-12-10 01:31:32 1083392 ----a-w- C:\Windows\System32\aeinv.dll
2014-12-10 01:31:30 413184 ----a-w- C:\Windows\System32\generaltel.dll
2014-12-10 01:31:30 396800 ----a-w- C:\Windows\System32\devinv.dll
2014-12-10 01:31:29 227328 ----a-w- C:\Windows\System32\aepdu.dll
2014-12-10 01:31:14 187904 ----a-w- C:\Windows\System32\cryptsvc.dll
2014-12-10 01:31:14 1480192 ----a-w- C:\Windows\System32\crypt32.dll
2014-12-10 01:31:13 143872 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2014-12-10 01:31:13 1174528 ----a-w- C:\Windows\SysWow64\crypt32.dll
2014-12-07 00:11:37 -------- d-----w- C:\Windows\Panther
2014-12-06 09:21:34 -------- d-----w- C:\Users\brenda\AppData\Roaming\AVG2015
2014-12-06 09:21:03 -------- d-----w- C:\Users\brenda\AppData\Roaming\TuneUp Software
2014-12-06 09:20:23 -------- d--h--w- C:\$AVG
2014-12-06 09:20:23 -------- d-----w- C:\ProgramData\AVG2015
2014-12-06 09:16:18 -------- d-----w- C:\Users\brenda\AppData\Local\MFAData
2014-12-06 09:16:18 -------- d-----w- C:\Users\brenda\AppData\Local\Avg2015
2014-12-06 09:16:18 -------- d-----w- C:\ProgramData\MFAData
2014-12-06 04:00:40 -------- d-----w- C:\ProgramData\IePluginServices
2014-12-06 04:00:33 -------- d-----w- C:\Program Files (x86)\SupTab
2014-12-06 04:00:24 -------- d-----w- C:\ProgramData\WindowsMangerProtect
2014-12-06 04:00:13 -------- d-----w- C:\Users\brenda\AppData\Roaming\omiga-plus
2014-12-05 23:47:03 -------- d-----w- C:\Users\brenda\AppData\Roaming\AVG
2014-12-05 23:46:44 -------- d-----w- C:\Program Files (x86)\AVG
2014-12-05 23:45:43 -------- d-----w- C:\Users\brenda\AppData\Local\Avg
2014-12-05 23:45:03 -------- d--h--w- C:\ProgramData\Common Files
2014-12-05 23:45:00 -------- d-----w- C:\ProgramData\AVG
2014-12-01 06:44:46 -------- d-----w- C:\ProgramData\Oracle
2014-11-24 12:40:33 -------- d-----w- C:\Users\brenda\AppData\Local\{8070DABD-109F-4DA4-8930-AB261AD7AE1E}
2014-11-20 22:08:17 -------- d-----w- C:\Users\brenda\AppData\Local\{EAF473D3-C904-4D03-BD57-FCDDCC73EB2F}
2014-11-18 21:16:36 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-18 21:16:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-18 21:16:36 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-18 21:16:36 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-14 09:56:56 -------- d-sh--w- C:\Users\brenda\AppData\Local\EmieBrowserModeList
.
==================== Find3M ====================
.
2014-12-11 02:17:58 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-11 02:17:58 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-11 01:15:06 18626304 ----a-w- C:\Windows\System32\nvwgf2umx.dll
2014-12-11 01:14:58 3196816 ----a-w- C:\Windows\System32\nvapi64.dll
2014-11-21 08:38:00 2237952 ----a-w- C:\Windows\System32\wininet.dll
2014-11-21 08:37:51 600576 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-21 08:36:24 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-21 08:36:17 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-21 08:36:17 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-11-21 08:35:42 1509376 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-21 07:17:51 1762816 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-21 07:17:44 523264 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-21 07:16:46 2861568 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-21 07:16:42 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-21 07:16:42 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-11-21 07:16:16 1441280 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-21 07:00:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-21 06:54:49 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-21 06:31:56 441856 ----a-w- C:\Windows\System32\html.iec
2014-11-21 06:24:52 361984 ----a-w- C:\Windows\SysWow64\html.iec
2014-11-21 06:05:06 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-11-21 05:59:00 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-10-30 11:25:26 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-10-30 02:03:43 165888 ----a-w- C:\Windows\System32\charmap.exe
2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2014-10-29 11:35:16 263960 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-18 03:07:11 20160 ----a-w- C:\Windows\System32\drivers\GUBootStartup.sys
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 04:14:32 274200 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-05 10:41:40 124184 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2014-10-03 02:12:23 310272 ----a-w- C:\Windows\System32\WsmWmiPl.dll
2014-10-03 02:12:23 2020352 ----a-w- C:\Windows\System32\WsmSvc.dll
2014-10-03 02:12:22 346624 ----a-w- C:\Windows\System32\WSManMigrationPlugin.dll
2014-10-03 02:12:22 181248 ----a-w- C:\Windows\System32\WsmAuto.dll
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 02:11:49 266240 ----a-w- C:\Windows\System32\WSManHTTPConfig.exe
2014-10-03 01:45:03 248832 ----a-w- C:\Windows\SysWow64\WSManMigrationPlugin.dll
2014-10-03 01:45:03 214016 ----a-w- C:\Windows\SysWow64\WsmWmiPl.dll
2014-10-03 01:45:03 145920 ----a-w- C:\Windows\SysWow64\WsmAuto.dll
2014-10-03 01:45:03 1177088 ----a-w- C:\Windows\SysWow64\WsmSvc.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-03 01:44:25 198656 ----a-w- C:\Windows\SysWow64\WSManHTTPConfig.exe
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-19 09:42:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-09-19 09:42:51 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-09-19 09:42:49 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-09-19 09:42:47 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-09-19 09:42:47 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-09-19 09:42:41 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-09-19 09:23:55 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-09-19 09:23:36 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
.
============= FINISH: 13:43:31.23 ===============